Need help developer keeps editing site.

by warriorforum101

Posted: 14 years ago 13 replies

PROGRAMMING

i hired a developer to make my site, now all of a sudden he keeps saying you need to pay more blah blah, basically some scam, i knew it was too cheap.
he is locked out of the server but has made an admin section that i guess he is accessing. He temporarily put everything back.

How do i get out of this situation??? How can i lock this scammer out of my site?

#developer #editing #site

jaywilsonjr 14 years ago

Contact your web host first, see if they can help.

Otherwise you may have to end up hiring another developer to secure your site/server.

Jay
- Thanks
- 1 reply
Signature

Got Tech Problems? PM me for quick help!

Need a psd converted into a website? --> Check out my new offer | 1 FREE review copy left!
{{ DiscussionBoard.errors[2498019].message }}
- KlikApps 14 years ago
  
  Originally Posted by jaywilsonjr
  
  Contact your web host first, see if they can help.
  
  Otherwise you may have to end up hiring another developer to secure your site/server.
  
  Jay
  
  Yep. That's what it sounds like... Sucks that you had such a crappy developer.
  
  Thanks
  
  {{ DiscussionBoard.errors[2498922].message }}
anab01 Banned 14 years ago

[DELETED]

{{ DiscussionBoard.errors[2498149].message }}
- anab01 Banned 14 years ago
  
  [DELETED]
  
  {{ DiscussionBoard.errors[2498150].message }}
  
  anab01 Banned 14 years ago
  
  [DELETED]
  
  {{ DiscussionBoard.errors[2498153].message }}
  
  anab01 Banned 14 years ago
  
  [DELETED]
  
  {{ DiscussionBoard.errors[2498157].message }}
  
  anab01 Banned 14 years ago
  
  [DELETED]
  
  {{ DiscussionBoard.errors[2498161].message }}
  
  anab01 Banned 14 years ago
  
  [DELETED]
  
  {{ DiscussionBoard.errors[2498162].message }}
  
  anab01 Banned 14 years ago
  
  [DELETED]
  
  {{ DiscussionBoard.errors[2498164].message }}
jaimegm 14 years ago

If the programmer does not have access to your admin section he is uploading the information using a <form in this way he can upload anything that he wants, in other words he still have full access to your site, look for a form and <form ..> </form> and erase that section.
- Thanks
{{ DiscussionBoard.errors[2499308].message }}

mywebwork

14 years ago

Do you still have control of the domain name and nameservers? If you do then set up another hosting account for the site and point the nameservers to the new account.

You can then use your backups to install your site on the new account, which your former developer won't have access to.

Bill

Thanks
1 reply

{{ DiscussionBoard.errors[2500967].message }}

jaywilsonjr

14 years ago

Originally Posted by mywebwork

You can then use your backups to install your site on the new account, which your former developer won't have access to.

This really depends on how the developer is high jacking the site. If all he has done is set up another account for himself to access the site, then that is a easy fix. However I assume that the OP wouldn't have posted here if that was the case...

More than likely the developer has coded backdoor access into the code he wrote, or added it to the script that he installed on the site for the OP. If this is the case, even if the OP switches hosts etc. the developer will be able to change the site with ease at will...

Many (well most I know anyways) developers code a backdoor in everything they do. However this is the first time I have heard of one using it to blackmail a client into paying more cash. Typically they are only there as security in case the client does not pay for the work the developer completed. If push comes to shove the developer can shut the site off with a few clicks...

If this sounds sneaky or horrible, then you most likely have never been stiffed by a client...

Unless the client is paying 100% upfront (which is rare, unless you have a working relationship with the client) a developer really is at the mercy of a client to pay what is owed. (and to pay on time!) To combat that issue kill switches were created. Google the phrase "css kill switch" if you want to see a simple example of this. Keep in mind that some kill switches are much more sophisticated than a css kill switch...

Anyways OP I wish you luck, after contacting you host if they advise you that your site is not being altered as a result of a hidden access account - then you have a kill switch coded in your site. PM me your domain name and I will take a look through your source to see if I spot anything offhand...

But your host should be able to resolved this for you. Unless your project is bigger than most, I doubt you'll find that your developer went through the hassle of coding a kill switch...

Keep us updated,

Jay

Thanks
1 reply

Signature

Got Tech Problems? PM me for quick help!

Need a psd converted into a website? --> Check out my new offer | 1 FREE review copy left!

{{ DiscussionBoard.errors[2501117].message }}

Daniel44

14 years ago

I am a PHP developer and will look into this for you if you would like, no fee at all because I hate scammers like that, the less of them around, the better.

PM me if you are still having problems

Thanks
1 reply

{{ DiscussionBoard.errors[2501957].message }}

Aj Wilson

14 years ago

Originally Posted by Daniel44

I am a PHP developer and will look into this for you if you would like, no fee at all because I hate scammers like that, the less of them around, the better.

PM me if you are still having problems

Wow, I'd take Daniel up on his generous offer...

But you might also like to take a quick look in cPanel.
Look at the FTP Accounts (he maybe using) and shut him down.

And also UNCHECK "Allow Anonymous FTP Accounts".

That might help also.

Thanks

Signature

{{ DiscussionBoard.errors[2502091].message }}

warriorforum101

14 years ago

He has no access to ftp or servers or domain. there is a xyz dot com/admin

he is entering through the admin section........

More importantly, i am building another site with someone else but what the hell, why do coders have access. What do you do if your site is making millions of dollars, just trust some random developer, i would still not even trust my best friend.

After a site is developed how do you revise it and make sure there is no way for anyone but yourself to have access? I am really looking for help in this since i am paying someone else a big $$ to do a big PHP site. How do i secure all my members contact info and email addresses, i do want this developer to have access.

Thanks
2 replies

{{ DiscussionBoard.errors[2510800].message }}

jasonthewebmaster Banned 14 years ago

you have noone to blame yourself...sorry but i would probably side with the developer and say you should just pay him what you owe him!

sadly you will never have control unless you take the time to learn things like this yourself.

telling me he is accessing it through the admin section? be more more specific...what CMS are you using if any?

you have a lot of learning to do and until you do, you will always be at the mercy of someone more knowledgeable, so be very careful who you hire! there will always be people taking advantage of you when it comes to the web so make sure you have clear contracts for development work with clearly defined requirements and fees etc. this could have been avoided if you would be more clear as to what you want the developer to do and how much you are willing to pay for it.
- Thanks
{{ DiscussionBoard.errors[2524434].message }}

wayfarer

14 years ago

Originally Posted by warriorforum101

More importantly, i am building another site with someone else but what the hell, why do coders have access. What do you do if your site is making millions of dollars, just trust some random developer, i would still not even trust my best friend.

After a site is developed how do you revise it and make sure there is no way for anyone but yourself to have access? I am really looking for help in this since i am paying someone else a big $$ to do a big PHP site. How do i secure all my members contact info and email addresses, i do want this developer to have access.

The best thing, I would suggest, if you have a site that is a cash-cow, is to have a developer that is very well compensated for his or her time. A well compensated developer is not likely to fail you or pull any dirty tricks. Also, for a premium price you can get someone who is an expert at many things, experienced and able to handle many different responsibilities.

Thanks

Signature

I build web things, server things. I help build the startup Veenome. | Remote Programming Jobs

{{ DiscussionBoard.errors[2524557].message }}

zeeshi570 14 years ago

oo thats very bad.

u need to look in the code. He will be using place holders for updating the files.
- Thanks
{{ DiscussionBoard.errors[2527474].message }}
caesargus 14 years ago

I'm sorry that you had a bad experience with your developer. People like that gives developers a bad name, and makes it harder for honest developers to get decent work. And most back doors that programmers make, usually are for easier system management - at least that's what I use them for - to do rapid database inserts etc.

Also if the person has remote access into the database, that would also allow the developer to make updates to the admin without having to access the admin interface.

If you would agree with some of the other comments on here, and make sure that the developer is well compensated for what they produce.
- Thanks
Signature
The Marketing Easy Button - You Just Found it
Select All Facebook Friends
Auto Add Friends on Facebook
{{ DiscussionBoard.errors[2531710].message }}
ar.anandan 14 years ago

ask any programmer to check where the username and password of admin are stored.
Normally such programmers will use array of passwords, something like

admin, pass
admin2, pass2
.....
....

and they will be providing only one password to you.
check the above thorough any programmers and remove the unnecessary usernames and passwords.

also, change all other usernames and passwords.

regards
ar.anandan
- Thanks
{{ DiscussionBoard.errors[2531973].message }}

Need help developer keeps editing site.

Trending Topics

Been a while! Any of you Old Timers here?

How much does the rebranding affect CR ?

Boat and Jet Ski Rentals...... Door Hangers Effective?

Clickbank low cost recurring

Are billboards still effective in driving customers?